Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-55978
WordPress Code Generator Pro plugin <= 1.2 - SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WalletStation.com Code Generator Pro allows SQL Injection.This issue affects Code Generator Pro: from n/a through 1.2.

CVSS: CRITICAL (9.3)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (6 months ago)

CVE-2024-55977
WordPress LaunchPage.app Importer plugin <= 1.1 - SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in launch-page-importer LaunchPage.app Importer allows SQL Injection.This issue affects LaunchPage.app Importer: from n/a through 1.1.

CVSS: CRITICAL (9.3)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (6 months ago)

CVE-2024-55976
WordPress Critical Site Intel plugin <= 1.0 - SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mike Leembruggen Critical Site Intel allows SQL Injection.This issue affects Critical Site Intel: from n/a through 1.0.

CVSS: CRITICAL (9.3)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (6 months ago)

CVE-2024-55972
WordPress eTemplates plugin <= 0.2.1 - SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Chris Carvache eTemplates allows SQL Injection.This issue affects eTemplates: from n/a through 0.2.1.

CVSS: CRITICAL (9.3)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (6 months ago)

CVE-2024-54372
WordPress Insertify plugin <= 1.1.4 - CSRF to Remote Code Execution vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Sourov Amin Insertify allows Code Injection.This issue affects Insertify: from n/a through 1.1.4.

CVSS: CRITICAL (9.6)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (6 months ago)

CVE-2024-54370
WordPress Video & Photo Gallery for Ultimate Member plugin <= 1.1.0 - Arbitrary File Upload vulnerability
Description: Unrestricted Upload of File with Dangerous Type vulnerability in SuitePlugins Video & Photo Gallery for Ultimate Member allows Upload a Web Shell to a Web Server.This issue affects Video & Photo Gallery for Ultimate Member: from n/a through 1.1.0.

CVSS: CRITICAL (9.9)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (6 months ago)

CVE-2024-54369
WordPress Zita Site Builder plugin <= 1.0.2 - Arbitrary Plugin Installation and Activation vulnerability
Description: Missing Authorization vulnerability in ThemeHunk Zita Site Builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Zita Site Builder: from n/a through 1.0.2.

CVSS: CRITICAL (9.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (6 months ago)

CVE-2024-54368
WordPress GitSync plugin <= 1.1.0 - CSRF to Remote Code Execution vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Ruben Garza, Jr. GitSync allows Code Injection.This issue affects GitSync: from n/a through 1.1.0.

CVSS: CRITICAL (9.6)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (6 months ago)

CVE-2024-54367
WordPress ForumWP plugin <= 2.1.0 - PHP Object Injection vulnerability
Description: Deserialization of Untrusted Data vulnerability in ForumWP ForumWP allows Object Injection.This issue affects ForumWP: from n/a through 2.1.0.

CVSS: CRITICAL (9.8)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (6 months ago)

CVE-2024-54363
WordPress Wp NssUser Register plugin <= 1.0.0 - Privilege Escalation vulnerability
Description: Incorrect Privilege Assignment vulnerability in nssTheme Wp NssUser Register allows Privilege Escalation.This issue affects Wp NssUser Register: from n/a through 1.0.0.

CVSS: CRITICAL (9.8)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (6 months ago)